3v4l.org

run code in 300+ PHP versions simultaneously
<?php $buffer = <<<XML <?xml version="1.0"?> <!DOCTYPE foo [ <!ELEMENT foo ANY > <!ENTITY xxe SYSTEM "data://text/html,aaaa" >]><foo>&xxe;</foo> XML; libxml_disable_entity_loader(false); $xml = simplexml_load_string($buffer); var_dump($xml); echo "trying New SimpleXMLElement($xml)"; $xml = new SimpleXMLElement($buffer); var_dump($xml); echo 'Enabling LIBXML_NOENT for test reasons'; $xml = simplexml_load_string($buffer, 'SimpleXMLElement', LIBXML_NOENT); var_dump($xml);
Output for 8.0.0 - 8.0.30, 8.1.0 - 8.1.28, 8.2.0 - 8.2.18, 8.3.0 - 8.3.4, 8.3.6
Deprecated: Function libxml_disable_entity_loader() is deprecated in /in/rXQOo on line 10 object(SimpleXMLElement)#1 (1) { ["xxe"]=> object(SimpleXMLElement)#2 (1) { ["xxe"]=> object(SimpleXMLElement)#3 (0) { } } } trying New SimpleXMLElement()object(SimpleXMLElement)#2 (1) { ["xxe"]=> object(SimpleXMLElement)#1 (1) { ["xxe"]=> object(SimpleXMLElement)#3 (0) { } } } Enabling LIBXML_NOENT for test reasonsobject(SimpleXMLElement)#1 (1) { [0]=> string(4) "aaaa" }
Output for 8.3.5
Warning: PHP Startup: Unable to load dynamic library 'sodium.so' (tried: /usr/lib/php/8.3.5/modules/sodium.so (libsodium.so.23: cannot open shared object file: No such file or directory), /usr/lib/php/8.3.5/modules/sodium.so.so (/usr/lib/php/8.3.5/modules/sodium.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0 Deprecated: Function libxml_disable_entity_loader() is deprecated in /in/rXQOo on line 10 object(SimpleXMLElement)#1 (1) { ["xxe"]=> object(SimpleXMLElement)#2 (1) { ["xxe"]=> object(SimpleXMLElement)#3 (0) { } } } trying New SimpleXMLElement()object(SimpleXMLElement)#2 (1) { ["xxe"]=> object(SimpleXMLElement)#1 (1) { ["xxe"]=> object(SimpleXMLElement)#3 (0) { } } } Enabling LIBXML_NOENT for test reasonsobject(SimpleXMLElement)#1 (1) { [0]=> string(4) "aaaa" }
Output for 7.0.0 - 7.0.20, 7.1.0 - 7.1.20, 7.2.0 - 7.2.33, 7.3.16 - 7.3.33, 7.4.0 - 7.4.33
object(SimpleXMLElement)#1 (1) { ["xxe"]=> object(SimpleXMLElement)#2 (1) { ["xxe"]=> object(SimpleXMLElement)#3 (0) { } } } trying New SimpleXMLElement()object(SimpleXMLElement)#2 (1) { ["xxe"]=> object(SimpleXMLElement)#1 (1) { ["xxe"]=> object(SimpleXMLElement)#3 (0) { } } } Enabling LIBXML_NOENT for test reasonsobject(SimpleXMLElement)#1 (1) { [0]=> string(4) "aaaa" }
preferences:
198.92 ms | 403 KiB | 173 Q